2. A seperate version of the GUI compiled without the change psw feature.

3. Put restrictions on how the password can be change. Require atleast
8 chars or something like that.

4. Any other suggestion.

Do remember that every one can still use the openssl utitlity bundled with
OpenVPN to change the password, even if it's a lot harder todo.

On Tue, 24 Aug 2004, Davis Goodman wrote:

Hi Mathias,

I just installed the latest version of OpenVPN GUI and I like the
way the interface is done. If you allow me on comment though I would say
that I have a problem with the "change password" feature. I'm just in the
process of implementing a complete OpenVPN solution at the office and since
we have a lot of intellectual property, I managed to have the management
agree that people would have to enter a password to use the VPN. We used to
use PPTP with the Microsoft VPN interface and everyone was using the "save
password" feature defeating the purpose of security to my own opinion.

We had a couple of cases were people had their laptop stolen and I
always freak out knowing that they saved their password even though we
usually get notified on time to disable the account.

I love the openvpn solution forcing the user to enter a password. I
will have to implement another GUI because and I can't have a user change is
password to a blank one.

Am I the only one with this opinion?

Cheers,

Davis Goodman
_________________________
Manager, Support and Quality control
Algolith Inc.